* Fix 502 errors for requests without headers
* Add unexported roundRobinPolicier
We have to preserve state for fallback mode of Header policy, so
it's required to save state in some variable
* Adding TLS client cert placeholders
* Use function to get the peer certificate
* Changing SHA1 to SHA256
* Use UTC instead of GMT
* Adding tests
* Adding getters for Protocol and Cipher
Current Caddy code used a combination of CSS styles that
some mainstream browsers (e.g. Firefox) do not support well:
"td:first-child { width: 100%; }" together with
"td:last-child { padding-right: 5%; }".
The old approach was three columns with:
- "Name": 100% width, 5% padding left
- "Size": minimal width
- "Modified": minimal width, 5% padding right
Now the new approach is five columns with:
- <Dummy>: 5% width
- "Name": 80% width
- "Size": minimal width
- "Modified": minimal width
- <Dummy>: 5% width
* Fix a few import problems: snippets and import literals.
Two problems are fixed by this code simplification:
1. Snippets defined in one import file are strangely not available in
another.
2. If an imported file had a directive with an argument "import", then
the rest of the tokens on the line would be converted to absolute
filepaths.
An example of #2 would be the following directive in an imported file:
basicauth / import secret
In this case, the password would actually be an absolute path to the
file 'secret' (whether or not it exists) in the directory of the imported
Caddyfile.
The problem was the blind token processing to fix import paths in the
imported tokens without considering the context of the 'import' token.
My first inclination was to just add more context (detect 'import' tokens
at the beginning of lines and check the value tokens against defined
snippets), however I eventually realized that we already do all of this
in the parser, so the code was redundant. Instead we just use the current
token's File property when importing. This works fine with imported tokens
since they already have the absolute path to the imported file!
Fixes#2204
* renamed file2 -> fileName
* Fix copy/pasted comment in test.
* Change gzip example to basicauth example.
This makes it more clear how the import side effect is detrimental.
Knowing whether Caddy is running in a container is super-useful for
debugging and troubleshooting, as well as for making development-time
decisions, because Docker is one of the top contributors to our
user support burden.
Thanks to Eldin for helping to test it.
* Enabled configurable Timeout for the proxy directive
* Added Test for reverse for proxy timeout
* Removed Duplication in proxy constructors
* Remove indirection from multiple constructors and refactor into one
* Fix inconsistent error message and refactor dialer initialization
* caddyfile: More robust parsing for 'import' (fixes#2096)
The fix for hanging involves limiting the number of wildcards in an
import pattern to just 1. Otherwise some patterns can expand to the
entire disk.
The other fix requires that the end string for an environment variable
expansion come after the start string.
* caddyfile: Fix more fuzzing errors
- Introduce StrictHostMatching mode for sites that require clientauth
- Error if QUIC is enabled whilst TLS clientauth is configured
(Our QUIC implementation does not yet support TLS clientauth, but
maybe it will in the future - fixes#2095)
- Error if one but not all TLS configs for the same hostname have a
different ClientAuth CA pool
